Content protection technologies are used to establish and manage digital rights, such as the right to make copies, or to distribute content via the Internet. Certain consumer electronic devices are capable of receiving and rendering or otherwise using media content. Many content owners want to be assured that device vendors will manage and protect this content against unauthorized use. Digital rights management (“DRM”) systems are used to manage the content and may be incorporated in licenses related to the use of protected content.
Security measures required for a device or application are laid out in “Robustness Rules.” They dictate the security requirements, including the prevention of widely available and specialized attack tools from accessing restricted content data. For many applications, these requirements mean integrating specialized security techniques focused on the prevention of these attacks. Key hiding, obfuscation, code signing, executable encryption and anti-debug all act as defenses within and around the application, securing the content to the application and ensuring revenue protection for content owners and distributors.
In spite of these robustness rules that licensed products are required to follow, secret device keys may be extracted from certain devices by unauthorized persons, or keys may be stolen from production facilities. A copy protection technology provider often can learn the identities of cloned or stolen units, usually by buying a pirated unit. Units built using stolen or extracted keys usually are not authorized to handle protected content, because typically these units disregard provisions of the applicable DRM restrictions, and would allow (for example) unlimited copying of content, and distribution via the Internet.
Some copy protection technology providers currently include DTCP (Digital Transmission Copy Protection) used for IEEE 1394 links, and HDCP (High-bandwidth Digital Copy Protection) used to protect uncompressed digital video traveling on DVI (digital visual interface) or HDMI (high definition multi-media interface) links.
In order to disable or “revoke” units built from stolen or cloned certificates, system renewability messages, or “SRMs,” are distributed along with content that is delivered on terrestrial broadcast, satellite, and cable media. SRMs are also sometimes known as “revocation lists” and may comprise lists containing the identities of illegal units. Each copy protection provider may generate a list of units no longer authorized to handle content according to that particular provider's technology. SRMs therefore may include multiple revocation lists, one list or set for each copy protection technology provider.
What is needed therefore are efficient systems and methods whereby SRMs can be distributed as part of or along with protected content, so that a receiving device can discover the presence of SRMs with the content and process the data appropriately, or as required by terms of a license.